Chris Martin (@thatsiemguy)
From Sandbox to SIEM: Replaying Windows Events using the Chronicle API
This blog post explores how to replay Windows Event Logs into Chronicle SIEM, using Sandbox data from Google Threat Intel.
3d ago

Chris Martin (@thatsiemguy)
Google Cloud Security Community
Want to keep up to date on SecOps? Learn how to leverage the Google Cloud Security Community to stay ahead of the curve.
Sep 9

Chris Martin (@thatsiemguy)
Adding keyboard bindings to SecOps using Shortkeys
How to add custom keybindings in SecOps using the Shortkeys web browser extension.
Aug 19

Chris Martin (@thatsiemguy)
Using KeyCloak with Google SecOps
In this blog post I provide step-by-step instructions on how to configure authentication to the Chronicle SecOps platform using KeyCloak…
Aug 2

Chris Martin (@thatsiemguy)
Data RBAC in SOAR
In a prior post I wrote about Data RBAC in Chronicle SIEM. In this post I continue the topic to cover unifying Data RBAC in SOAR.
Jul 26

Chris Martin (@thatsiemguy)
Data RBAC in Chronicle SIEM
In this post I explore Role Based Access Control (RBAC) functionality available within Chronicle SIEM, part of the Google SecOps platform…
Jul 23

Chris Martin (@thatsiemguy)
Windows Event Log collection with the new SecOps Collection Agent
In this post I explore using the Google SecOps Collection Agent (also known as the BindPlane OTEL Agent) to collect Windows Event Logs.
Jul 4

Chris Martin (@thatsiemguy)
MISP, BindPlane, and Google SecOps
Exploring the default MISP IOC integration for Google SecOps using PyMISP and ObservIQ BindPlane.
Jun 29

Chris Martin (@thatsiemguy)
Aggregate Queries in UDM Search
Google SecOps has introduced UDM Stats, a powerful new feature in preview that brings aggregate queries to UDM Search using YL2.
Jun 16

Chris Martin (@thatsiemguy)
Native Google Authentication in Google Cloud SecOps
In this post I explore the exciting upcoming new feature in Google Cloud SecOps: native Google Cloud Identity authentication.
Jun 10